Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/2VevK0HBk8qY35gQ5UtjfqrB3nY.roa
File: 2VevK0HBk8qY35gQ5UtjfqrB3nY.roa (raw, json)
Hash identifier: AmV1BLqc7vTs/6UGFEgRF0w9AuqYNGKRtxRFQd+4rZ8=
Subject key identifier: D9:57:AF:2B:41:C1:93:CA:98:DF:98:10:E5:4B:63:7E:AA:C1:DE:76
Certificate issuer: /CN=dc3cb20c5ca7c4ed8e42078b1a67287a0d991cec
Certificate serial: 019424458FAC50D7E5FC099FF6A3E1BF0494
Authority key identifier: DC:3C:B2:0C:5C:A7:C4:ED:8E:42:07:8B:1A:67:28:7A:0D:99:1C:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3DyyDFynxO2OQgeLGmcoeg2ZHOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/2VevK0HBk8qY35gQ5UtjfqrB3nY.roa
Signing time: Wed 01 Jan 2025 23:48:46 +0000
ROA not before: Wed 01 Jan 2025 23:48:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201446
IP address blocks: 89.46.88.0/24 maxlen: 24
89.46.89.0/24 maxlen: 24
89.46.90.0/24 maxlen: 24
89.46.91.0/24 maxlen: 24
185.18.198.0/24 maxlen: 24
185.18.199.0/24 maxlen: 24
185.23.116.0/24 maxlen: 24
185.23.117.0/24 maxlen: 24
185.23.118.0/24 maxlen: 24
185.23.119.0/24 maxlen: 24
185.45.73.0/24 maxlen: 24
185.45.74.0/24 maxlen: 24
185.45.75.0/24 maxlen: 24
185.68.108.0/24 maxlen: 24
185.68.109.0/24 maxlen: 24
185.68.110.0/24 maxlen: 24
185.68.111.0/24 maxlen: 24
185.92.244.0/24 maxlen: 24
185.92.245.0/24 maxlen: 24
185.92.246.0/24 maxlen: 24
185.92.247.0/24 maxlen: 24
185.177.152.0/24 maxlen: 24
185.177.153.0/24 maxlen: 24
185.177.154.0/24 maxlen: 24
185.177.155.0/24 maxlen: 24
212.63.108.0/24 maxlen: 24
212.63.109.0/24 maxlen: 24
212.63.110.0/24 maxlen: 24
212.63.111.0/24 maxlen: 24
217.148.138.0/24 maxlen: 24
217.148.139.0/24 maxlen: 24
2a03:f6c0::/32 maxlen: 32
2a03:f6c0::/52 maxlen: 52
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:45:8f:ac:50:d7:e5:fc:09:9f:f6:a3:e1:bf:04:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc3cb20c5ca7c4ed8e42078b1a67287a0d991cec
Validity
Not Before: Jan 1 23:48:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d957af2b41c193ca98df9810e54b637eaac1de76
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:55:28:61:5e:df:4d:15:3a:80:64:5a:4f:39:
b0:0b:d2:53:5b:7f:d8:df:7a:7e:4f:96:6b:32:84:
e0:90:29:b7:31:8d:5b:6a:3d:1b:ac:9f:c9:e7:d6:
80:48:5a:19:be:2f:12:80:e4:12:ec:7c:18:48:f7:
47:71:33:2f:f1:35:b0:82:b8:fb:1e:16:78:29:2d:
48:67:bd:3f:5e:5f:5f:ce:fd:d7:58:c5:91:8e:f5:
4a:00:9b:0f:18:e5:8b:62:ec:bc:4a:63:95:c5:9b:
94:39:7a:24:14:64:43:ae:a7:6e:27:e5:c9:34:1c:
ac:5e:a8:42:6d:62:da:97:f7:af:5f:ff:43:d0:52:
19:33:2a:9a:fe:f2:96:b8:c8:ff:08:86:ee:8a:de:
c6:fe:91:29:5a:5b:6b:93:1b:0e:b7:3b:47:71:3f:
b0:9b:a2:cf:7d:12:c6:59:4b:41:3f:a7:9d:56:18:
2c:26:0f:e2:65:62:50:02:cd:a5:c3:bb:7e:2a:82:
f3:89:67:20:96:f2:f6:78:9c:cd:78:9c:e3:a6:a7:
03:9b:54:d6:9f:c3:95:1f:56:66:6f:1b:6f:0b:1b:
5e:f4:d3:ed:b7:64:d6:95:54:3d:a1:6e:e2:73:18:
35:e9:75:e9:30:c8:02:97:6c:95:41:98:98:e2:03:
45:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:57:AF:2B:41:C1:93:CA:98:DF:98:10:E5:4B:63:7E:AA:C1:DE:76
X509v3 Authority Key Identifier:
keyid:DC:3C:B2:0C:5C:A7:C4:ED:8E:42:07:8B:1A:67:28:7A:0D:99:1C:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3DyyDFynxO2OQgeLGmcoeg2ZHOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/2VevK0HBk8qY35gQ5UtjfqrB3nY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/a85f3d-65a2-4f6c-9cb9-82660ee4eac4/1/3DyyDFynxO2OQgeLGmcoeg2ZHOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.88.0/22
185.18.198.0/23
185.23.116.0/22
185.45.73.0-185.45.75.255
185.68.108.0/22
185.92.244.0/22
185.177.152.0/22
212.63.108.0/22
217.148.138.0/23
IPv6:
2a03:f6c0::/32
Signature Algorithm: sha256WithRSAEncryption
1e:b7:98:d4:06:22:11:21:1a:7d:7e:6c:c6:1b:a5:8f:2b:7d:
23:58:3b:bb:f0:7f:a3:b2:a0:9d:aa:4e:b1:03:0d:a6:47:ef:
d2:dc:48:7a:95:01:8f:cf:66:df:5a:2e:06:9b:ee:f5:07:c9:
08:72:9a:58:05:8d:cd:18:56:8f:23:d6:63:15:0c:f2:25:59:
91:ea:a2:bf:04:28:da:3f:ab:4c:de:fa:43:30:4a:88:0d:92:
06:69:d4:ec:37:7c:d9:96:3e:86:75:56:e4:d2:57:7c:e7:35:
a8:34:54:52:d1:e1:7d:83:2c:73:63:7c:de:3a:33:41:67:ff:
9f:a3:cf:4d:72:38:16:25:be:a9:61:c7:05:67:fe:f8:69:62:
a3:bb:d7:ff:43:3d:b0:c4:02:6c:ba:35:d8:54:79:5b:09:e8:
e9:0d:77:84:6f:99:72:75:2e:37:fd:ba:6b:51:8c:39:6a:ee:
3d:4a:83:cd:21:05:29:7d:79:fc:a8:e5:5a:9e:98:35:0f:df:
aa:3b:3f:b7:cc:df:00:84:c7:54:a3:4a:bd:0e:b1:c6:76:12:
95:28:fe:20:46:72:f6:a0:f5:bf:e4:ae:14:3b:fb:92:e8:98:
b7:c2:31:25:91:5d:b9:b3:b6:4c:02:09:42:02:f5:7f:9d:59:
c4:09:c2:26
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZQkRY+sUNfl/Amf9qPhvwSUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjM2NiMjBjNWNhN2M0ZWQ4ZTQyMDc4YjFhNjcyODdhMGQ5
OTFjZWMwHhcNMjUwMTAxMjM0ODQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTU3YWYyYjQxYzE5M2NhOThkZjk4MTBlNTRiNjM3ZWFhYzFkZTc2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVUoYV7fTRU6gGRaTzmwC9JTW3/Y
33p+T5ZrMoTgkCm3MY1baj0brJ/J59aASFoZvi8SgOQS7HwYSPdHcTMv8TWwgrj7
HhZ4KS1IZ70/Xl9fzv3XWMWRjvVKAJsPGOWLYuy8SmOVxZuUOXokFGRDrqduJ+XJ
NBysXqhCbWLal/evX/9D0FIZMyqa/vKWuMj/CIbuit7G/pEpWltrkxsOtztHcT+w
m6LPfRLGWUtBP6edVhgsJg/iZWJQAs2lw7t+KoLziWcglvL2eJzNeJzjpqcDm1TW
n8OVH1ZmbxtvCxte9NPtt2TWlVQ9oW7icxg16XXpMMgCl2yVQZiY4gNF8QIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFNlXrytBwZPKmN+YEOVLY36qwd52MB8GA1UdIwQY
MBaAFNw8sgxcp8TtjkIHixpnKHoNmRzsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0R5eURGeW54TzJPUWdlTEdtY29lZzJaSE93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9hODVmM2QtNjVhMi00ZjZjLTljYjkt
ODI2NjBlZTRlYWM0LzEvMlZldkswSEJrOHFZMzVnUTVVdGpmcXJCM25ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9hODVmM2QtNjVhMi00ZjZjLTljYjktODI2NjBlZTRlYWM0
LzEvM0R5eURGeW54TzJPUWdlTEdtY29lZzJaSE93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQCWS5YAwQB
uRLGAwQCuRd0MAwDBAC5LUkDBAK5LUgDBAK5RGwDBAK5XPQDBAK5sZgDBALUP2wD
BAHZlIowDQQCAAIwBwMFACoD9sAwDQYJKoZIhvcNAQELBQADggEBAB63mNQGIhEh
Gn1+bMYbpY8rfSNYO7vwf6OyoJ2qTrEDDaZH79LcSHqVAY/PZt9aLgab7vUHyQhy
mlgFjc0YVo8j1mMVDPIlWZHqor8EKNo/q0ze+kMwSogNkgZp1Ow3fNmWPoZ1VuTS
V3znNag0VFLR4X2DLHNjfN46M0Fn/5+jz01yOBYlvqlhxwVn/vhpYqO71/9DPbDE
Amy6NdhUeVsJ6OkNd4RvmXJ1Ljf9umtRjDlq7j1Kg80hBSl9efyo5VqemDUP36o7
P7fM3wCEx1SjSr0OscZ2EpUo/iBGcvag9b/krhQ7+5LomLfCMSWRXbmztkwCCUIC
9X+dWcQJwiY=
-----END CERTIFICATE-----
Generated at Mon Apr 14 20:27:56 2025 by rpki-client on console.sobornost.net